Suha

@suhackerr

AI/ML security (@suhacker@infosec.exchange)

Pinned

New post and tool! Attackers can break production AI systems by using image scaling to hide multi-modal prompt injections from users. 🧵for more info on what broke, how this works, and our new tool to try this out yourself

We hacked Gemini CLI, Vertex AI, Assistant, and other AI systems by embedding prompts into images that are not visible to users.



Suha reposted

#BSidesBerlin Speaker Showcase @kiki_morozova explores Weaponizing Image Scaling Against Production AI Systems. @SecurityBSides #AI #Infosec


Suha reposted

I’m excited to announce that I’ll be presenting my and @suhackerr’s image scaling research at @SidesBer on the 8th of November!

#BSidesBerlin Speaker Showcase @kiki_morozova explores Weaponizing Image Scaling Against Production AI Systems. @SecurityBSides #AI #Infosec



Suha reposted

in the NYC dating world, there's the pernicious concept of the "roster". a few people go on a lot of great first dates, giving false hope to the unwitting that this could be the start of something serious. many new startups are feeling special because they got on a lab's roster


Suha reposted

If you hide the system prompt and tool descriptions for your LLM agent, what you're actually doing is taking the single most detailed set of documentation for your service and deliberately hiding it from your most sophisticated users!


I’m super excited to be part of the @AISecSummit put together by @aiDotEngineer and @snyksec. See you in SF next month!


Suha reposted

Devious new attack class defined by @wunderwuzzi23: "Cross-Agent Privilege Escalation" If someone has both Claude Code and GitHub Copilot on their machine you can prompt inject one and have it edit the config for the other in order to further escalate your attack's privileges!


Suha reposted

My friends, today I am excited to announce AI Sequrity (@aisequrity). Our mission is to provide developers and enterprises a painless and stress-free deployment of AI that is secure by design. You heard this right. You can deploy your AI agents and get guaranteed security. The…


Suha reposted

Thank you @__maxreynolds for giving us the courage to stand up against these nasty people who abuse their position of trust and power. 🙏

Christopher Hadnagy engaged in a pattern of harassment and retaliation against me after I left his company, Social-Engineer, LLC. Here are the key actions he took against me, including things not currently written into Def Con’s documentation/exhibits. Note: I simply quit my job.



Suha reposted

Not to sound like a broken record, but don’t forget data processing; map-reduce with LLMs or SQL queries with LLM-powered operators. If you know the entire workload bc it’s submitted via SQL query, you can do so much: design custom KV caching policies, approximate inference like…

Tri Dao (creator of FlashAttention) says there are 3 kinds of inference we will need to optimize for: > traditional chatbot workloads w/ fast enough to feel responsive but not instantaneous, to maintain a natural user experience > low-latency ultra-fast inference for highly…



Suha reposted

it was lovely to speak at @AITinkerers!! thank you to all who came, the organizers, and @suhackerr for your coauthoring on the research :D

It was awesome watching @kiki_morozova present the weaponizing image scaling research and win Best Multimodal Build at @AITinkerers NYC Demopalooza. Shoutout @rjnmrry and team for putting together yet another awesome event!




Suha reposted

Excited to release a preview of Moondream 3. A 9B param, 2B active MoE vision language model that makes no compromises; offering state-of-the-art visual reasoning while still retaining an efficient and deployment-friendly form factor.


Suha reposted

tutorials give the illusion of mastery. building turns knowledge into conviction. but blind building without direction or reflection only compounds knowledge debt and turns confidence into a flimsy house of cards. the real craft is synthesis: doing, while deeply understanding…

Tutorials won’t fix your imposter syndrome. Only building will.



Suha reposted

somehow i am both of these people


i wonder how many undocumented tricks like this exist



Suha reposted

Fun tensor-puzzle in the wild in the recent anthropic blog post. Can anyone do it in 1 line? anthropic.com/engineering/a-…


Suha reposted

The EF is looking for an AI Security Researcher

AI Security Engineer for the Protocol Security team: jobs.lever.co/ethereumfounda… 3/3



Suha reposted

who’s building this (also combine with dspy golf, make the shortest program do it)

competitive dspy, make the smallest possible model solve a problem



Suha reposted

there's too many people with "AI/ML" in their bio asking what this image is.

this is who you're arguing with online



Suha reposted

Longer writeup of the AI Kill Chain that we discussed briefly at Black Hat this year, with a worked out example. developer.nvidia.com/blog/modeling-…


Suha reposted

Super cool. Three questions: 1) Does this mean their batch size is humongous? 2) Does this mean all of the users' code is being trained on in immediate real time and then shipped to prod without further audit? 3) Does that mean malicious rewards are trivial to inject at scale?

We've trained a new Tab model that is now the default in Cursor. This model makes 21% fewer suggestions than the previous model while having a 28% higher accept rate for the suggestions it makes. Learn more about how we improved Tab with online RL.


